Hub Connection Settings
Libertas-OS is all about liberty.
The sole purpose of Libertas-OS is to give users total control over their IoT devices, identity and data.
The sole purpose of our network service is to help user (from their smartphone) to locate their Libertas Hub in order to create end-to-end encrypted connection.
Note: If unsure, choose the default “Libertas Secure Bridge”. You can always ask somebody who knows how to NAT port forwarding to help you change the settings.
Connection Types
There are 3 ways to connect to your Libertas Hub at home, from anywhere in the world.
Secure Bridge Network
Both Smartphone and Libertas Hub connect to our bridge network. The bridge network will forward messages between Libertas Hub and your Smartphone. The message is end-to-end encrypted so the bridge will not understand the content.
This method is for users with no technical knowledge at all.
NAT Port Forwarding
User can set up port forwarding on their home router to the Libertas Hub (punch a hole). In this case Smartphone App only needs to know the port number.
Libertas Hub will keep monitoring its external IP and will know immediately if the external IP is changed by ISP. It will then notify the new IP to our bridge. Next time when a user tries to connect from the outside network, it will fail immediately because the IP is wrong. The user’s phone app will make a query to the bridge to get the new IP.
In this case our bridge network service acts as a secure authenticated DNS. Only Smartphone clients with valid key can get IP for a specific hub.
Setting Up
Setting up NAT port forwarding involves three steps. Both are performed on the user’s broadband router, usually by connecting to the router with a Web Browser.
- Create a static IP lease for your Hub
- Set up a NAT Port Forwarding to your Hub’s port 80. Give it an external port number and write the port number down.
- Change the Hub’s Connection Settings to use “NAT Port Forwarding” with the external port number in step 2.
Using Static IP
In this case, both IP and port are required to set up the Hub. All Smartphone Apps will directly connect to the IP/port.
Still, the Hub may need to connect to our network if it needs to send some notifications to the users (to their Smartphone). It is required because at least on IoS platform, the only way to send real-time notification is through Apple’s own network.
But don’t worry, all messages (including notifications) are still end-to-end encrypted. Neither us or Apple/Google will be able to know the content of the messages.